Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/6788f7-d58f-4835-8522-984a08898459/1/wELZtvmZ_BHBHf9agCYtfaFCPLE.roa
File: wELZtvmZ_BHBHf9agCYtfaFCPLE.roa (raw, json)
Hash identifier: tpodvhISuwT/TPlGi/Kqz+g2fFnp+WF0UwVH3LeD23E=
Subject key identifier: C0:42:D9:B6:F9:99:FC:11:C1:1D:FF:5A:80:26:2D:7D:A1:42:3C:B1
Certificate issuer: /CN=0012b9dc976d7ce807e46fea4936c726b0c4a206
Certificate serial: 018AD74C76EEF98E22CB2105E47CCADD9CEC
Authority key identifier: 00:12:B9:DC:97:6D:7C:E8:07:E4:6F:EA:49:36:C7:26:B0:C4:A2:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ABK53JdtfOgH5G_qSTbHJrDEogY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/6788f7-d58f-4835-8522-984a08898459/1/wELZtvmZ_BHBHf9agCYtfaFCPLE.roa
Signing time: Wed 27 Sep 2023 15:40:27 +0000
ROA not before: Wed 27 Sep 2023 15:40:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 2a13:bb40::/29 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d7:4c:76:ee:f9:8e:22:cb:21:05:e4:7c:ca:dd:9c:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0012b9dc976d7ce807e46fea4936c726b0c4a206
Validity
Not Before: Sep 27 15:40:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c042d9b6f999fc11c11dff5a80262d7da1423cb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:64:73:9a:f3:65:e7:df:54:c2:b2:77:41:38:
66:fa:1f:cb:57:31:21:88:5d:10:19:f5:24:7d:24:
10:7a:aa:68:7b:8e:e8:99:28:57:fc:cb:7b:58:5e:
e2:08:3d:98:51:f5:a7:6a:99:01:95:33:7b:6f:f3:
8e:d0:da:75:94:66:13:f8:64:5e:9f:b5:a0:51:c3:
52:c7:bc:d4:6d:6a:01:42:b5:11:c7:3f:18:b7:7c:
7f:78:68:cb:95:b4:09:40:80:74:62:e7:86:34:08:
a1:77:3e:3a:a0:e7:11:c4:90:42:5e:bc:43:3f:64:
9b:01:90:35:fc:5b:04:b8:f0:72:9b:ca:42:95:a5:
88:b4:d2:9b:3b:3e:9f:f0:56:f2:ea:f0:11:c1:3a:
9a:1b:72:6e:de:9f:b6:d6:c6:fc:a1:7f:33:2e:09:
78:af:82:82:a4:27:c4:ef:83:8c:25:ac:c6:48:b7:
5d:06:54:de:50:0d:1d:60:1c:6d:7d:50:47:74:b4:
0b:be:d4:7c:91:53:49:ad:d1:aa:e1:ad:4a:dc:17:
40:dd:4e:60:53:42:dd:61:e1:2e:c2:61:7b:9b:1e:
0c:90:f9:2d:83:6e:2b:8f:83:87:71:ad:f9:0d:ed:
87:c2:2f:89:8c:7d:98:f5:c5:3a:cb:79:fb:ed:a5:
20:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:42:D9:B6:F9:99:FC:11:C1:1D:FF:5A:80:26:2D:7D:A1:42:3C:B1
X509v3 Authority Key Identifier:
keyid:00:12:B9:DC:97:6D:7C:E8:07:E4:6F:EA:49:36:C7:26:B0:C4:A2:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ABK53JdtfOgH5G_qSTbHJrDEogY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/6788f7-d58f-4835-8522-984a08898459/1/wELZtvmZ_BHBHf9agCYtfaFCPLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/6788f7-d58f-4835-8522-984a08898459/1/ABK53JdtfOgH5G_qSTbHJrDEogY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:bb40::/29
Signature Algorithm: sha256WithRSAEncryption
94:d9:e0:e9:66:7f:99:b7:59:97:b4:da:c1:2a:c4:c6:d7:41:
ad:6f:66:7c:a3:0d:43:f7:e7:06:96:64:d9:65:ee:c9:99:ac:
13:6f:0e:84:fc:bd:58:e1:d0:a2:0a:5c:87:f2:c9:c0:94:b3:
51:18:1d:4d:88:7a:ee:83:2f:14:94:f5:7f:7e:09:9c:9f:a6:
dc:f0:44:1a:8d:d7:86:68:b5:90:2a:8c:21:b8:0a:5c:58:24:
70:36:8f:91:e7:3d:65:27:16:31:1b:cc:27:0c:35:be:90:8c:
a9:39:fb:5e:1b:5e:73:a6:0c:05:a5:9a:63:f4:14:82:86:75:
7e:84:7c:08:40:ea:35:8b:6d:43:dc:65:ef:cc:be:94:16:20:
03:c1:84:cf:3c:3b:f9:20:12:87:3f:7c:4c:f1:ce:dc:bf:6d:
ce:1e:ab:52:4e:da:77:79:30:ad:a3:2b:f9:e6:70:68:c5:6f:
2e:91:1c:37:8e:ed:fe:57:5b:bb:ef:b3:ce:36:fd:a9:c8:31:
dd:33:af:91:18:d7:ff:e0:a8:4d:92:6c:cd:5d:6d:5d:c0:7c:
b0:01:0e:4c:36:a8:fa:63:72:26:f0:cc:52:18:ce:47:33:b0:
f6:71:8d:f0:af:e3:19:35:80:70:eb:14:a7:7c:8a:b1:ac:5e:
0f:61:fe:9d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYrXTHbu+Y4iyyEF5HzK3ZzsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMTJiOWRjOTc2ZDdjZTgwN2U0NmZlYTQ5MzZjNzI2YjBj
NGEyMDYwHhcNMjMwOTI3MTU0MDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDQyZDliNmY5OTlmYzExYzExZGZmNWE4MDI2MmQ3ZGExNDIzY2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9WRzmvNl599UwrJ3QThm+h/LVzEh
iF0QGfUkfSQQeqpoe47omShX/Mt7WF7iCD2YUfWnapkBlTN7b/OO0Np1lGYT+GRe
n7WgUcNSx7zUbWoBQrURxz8Yt3x/eGjLlbQJQIB0YueGNAihdz46oOcRxJBCXrxD
P2SbAZA1/FsEuPBym8pClaWItNKbOz6f8Fby6vARwTqaG3Ju3p+21sb8oX8zLgl4
r4KCpCfE74OMJazGSLddBlTeUA0dYBxtfVBHdLQLvtR8kVNJrdGq4a1K3BdA3U5g
U0LdYeEuwmF7mx4MkPktg24rj4OHca35De2Hwi+JjH2Y9cU6y3n77aUgBQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMBC2bb5mfwRwR3/WoAmLX2hQjyxMB8GA1UdIwQY
MBaAFAASudyXbXzoB+Rv6kk2xyawxKIGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUJLNTNKZHRmT2dINUdfcVNUYkhKckRFb2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS82Nzg4ZjctZDU4Zi00ODM1LTg1MjIt
OTg0YTA4ODk4NDU5LzEvd0VMWnR2bVpfQkhCSGY5YWdDWXRmYUZDUExFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS82Nzg4ZjctZDU4Zi00ODM1LTg1MjItOTg0YTA4ODk4NDU5
LzEvQUJLNTNKZHRmT2dINUdfcVNUYkhKckRFb2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhO7QDAN
BgkqhkiG9w0BAQsFAAOCAQEAlNng6WZ/mbdZl7TawSrExtdBrW9mfKMNQ/fnBpZk
2WXuyZmsE28OhPy9WOHQogpch/LJwJSzURgdTYh67oMvFJT1f34JnJ+m3PBEGo3X
hmi1kCqMIbgKXFgkcDaPkec9ZScWMRvMJww1vpCMqTn7Xhtec6YMBaWaY/QUgoZ1
foR8CEDqNYttQ9xl78y+lBYgA8GEzzw7+SAShz98TPHO3L9tzh6rUk7ad3kwraMr
+eZwaMVvLpEcN47t/ldbu++zzjb9qcgx3TOvkRjX/+CoTZJszV1tXcB8sAEOTDao
+mNyJvDMUhjORzOw9nGN8K/jGTWAcOsUp3yKsaxeD2H+nQ==
-----END CERTIFICATE-----
Generated at Tue Oct 24 14:10:45 2023 by rpki-client on console-ams.rpki-client.org